package ecommerce.interceptor;

import java.util.Map;

import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

public class AuthorisationInterceptor extends AbstractInterceptor {
	
	private static final long serialVersionUID = 1L;
	private static final String MEMBER_ACTION = "ecommerce.action.MembersAction";
	private static final String ADMIN_ACTION = "ecommerce.action.StatisticsAction";
		
	public String intercept(ActionInvocation invocation) throws Exception {
		String action = invocation.getAction().getClass().getName();
		Map<String, Object> session = invocation.getInvocationContext().getSession();
		if (session.get("role") != null) {
			if (session.get("role").equals(1) && action.equals(MEMBER_ACTION)) {
				session.put("authorisationError", true);
				return Action.ERROR;
			} else if(session.get("role").equals(2) && action.equals(ADMIN_ACTION)){
				session.put("authorisationError", true);
				return Action.ERROR;
			}
		} else {
			return Action.ERROR;
		}
		return invocation.invoke();
	}
}

